CVE-2021-26624
7.8
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An local privilege escalation vulnerability due to a "runasroot" command in eScan Anti-Virus. This vulnerability is due to invalid arguments and insufficient execution conditions related to "runasroot" command. This vulnerability can induce remote attackers to exploit root privileges by manipulating parameter values.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| MicroWorld Technologies Inc. | eScan Anti-Virus for Linux | unspecified <= 7.0.31 | affected |
Weaknesses
- CWE-20: CWE-20 Improper Input Validation
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.